Steven Everett and Connor Murphy report: Until December 2017, Google Groups containing hundreds of University communications and associated documents with restricted, confidential, or otherwise sensitive information had misconfigured permission settings such that anyone who could access the Boston College G Suite—known formally as Google Apps—could view them, a Heights investigation found. The Heights notified the…
Category: Subcontractor
Virtua Medical Group Agrees to Pay Nearly $418,000, Tighten Data Security to Settle Allegations of Privacy Lapses Concerning Medical Treatment Files of Patients
There’s a follow-up to a breach previously reported on this site in 2016 in which a transcription vendor’s error resulted in the exposure of some Virtua Medical Group’s patients’ protected health information on the internet. It appears that New Jersey has settled charges against VMG over the incident. Of note, the charges are that the VMG…
What to Know About the Latest Data Breach Hitting Sears and Delta Customers
David Meyer reports: Both Sears and Delta Air Lines are facing the exposure of some of their customers’ credit card information, following a data breach at a mutual contractor. The company, a customer services operation called [24]7.ai, suffered the breach between Sept. 26 and Oct. 12 last year. It said in a statement that the…
Wisconsin Department of Health Services and The Management Group Announce Breach of Information
The Department of Health Services (DHS) and The Management Group (TMG) are notifying IRIS participants of a breach of information due to theft of a laptop and a work bag of a TMG IRIS Consultant on February 5. TMG mailed notifications to 779 participants on April 3 who received services from TMG who have potentially…
Curry Health Network notifies members of FastHealth breach
Last month, this site noted a FastHealth breach from 2017 that was first being disclosed. FastHealth had reported it to HHS as impacting 1,345 patients. Now Curry Health Network is notifying its members, and it’s not totally clear if these members were included in the number that had been previously reported to HHS. DataBreaches.net emailed FastHealth…
CVS Health Sued For Allegedly Revealing HIV Status Of 6,000 Patients
There’s an update on a breach reported in August, 2017. CBS reports: CVS Health is being sued for allegedly revealing the HIV status of 6,000 patients in Ohio. A federal lawsuit claims CVS mailed letters last year that showed the status of participants in the state’s HIV drug assistance program through the envelopes’ glassine window….